package cn.wolfcode.crm.shiro;

import cn.wolfcode.crm.domain.Employee;
import cn.wolfcode.crm.domain.Menu;
import cn.wolfcode.crm.service.IMenuService;
import cn.wolfcode.crm.util.MenuUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.beans.factory.annotation.Autowired;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;

public class ExtendsFormAuthenticationFilter extends FormAuthenticationFilter {

    @Autowired
    private IMenuService menuService;

    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
        //登录成功之后将菜单信息存放到session中
        //查询出该当前登录的用户信息
        Employee employee = (Employee) subject.getPrincipal();
        //查询所有的菜单
        List<Menu> allMenus = menuService.selectAllParent();
        //判断该用户是否是管理员
        if(!employee.isAdmin()){
            //根据用户id来查询该用户的菜单
            List<Long> ids = menuService.listMenuIdsByEmployeeId(employee.getId());

            //递归过滤出只属于该用户的菜单
            MenuUtil.filterMenu(allMenus,ids);
        }

        //将过滤好的菜单存放到session中
        SecurityUtils.getSubject().getSession().setAttribute(MenuUtil.MENUS_IN_SESSION,allMenus);


        //直接响应登录成功的JSON
        HttpServletRequest req = (HttpServletRequest)request;
        HttpServletResponse resp = (HttpServletResponse)response;

        resp.setCharacterEncoding("UTF-8");
        PrintWriter out = resp.getWriter();
        out.println("{\"success\":true,\"massage\":\"登入成功\"}");
        out.flush();
        out.close();
        return false;
    }


    @Override
    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {

        try {
            response.setCharacterEncoding("UTF-8");
            PrintWriter out = response.getWriter();
            String message = e.getClass().getSimpleName();
            if ("IncorrectCredentialsException".equals(message)) {
                out.println("{\"success\":false,\"massage\":\"密码错误\"}");
            } else if ("UnknownAccountException".equals(message)) {
                out.println("{\"success\":false,\"massage\":\"账号不存在\"}");
            } else if ("LockedAccountException".equals(message)) {
                out.println("{\"success\":false,\"massage\":\"账号被锁定\"}");
            }else if("AuthenticationException".equals(message)){
                out.println("{\"success\":false,\"massage\":\"账号被锁定\"}");
            }else {
                out.println("{\"success\":false,\"massage\":\"未知错误\"}");
            }
            out.flush();
            out.close();
        } catch (IOException e1) {
            e1.printStackTrace();
        }
        return false;

    }
}
